Remarks

This is in response to the final Office Action mailed January 11, 2005. Claims 1-20
remain pending. Reconsideration and allowance are respectfully requested in view of the
following remarks.

Claims 1-19 stand rejected under 35 U.S.C. § 103(a) as being unpatentable over
Moudgill, U.S. Patent No. 6,578,094, in view of Nishikawa, U.S. Patent No. 6,346,822. This
rejection is respectfully traversed, and reconsideration is requested in view of the following
remarks.

Claim 1 is directed to a method for preventing overrun of an input data buffer. Claim 1
recites, among other limitations, the following: pushing onto the stack data structure a security
token, the security token comprising a randomly generated data value; retrieving the security
token value from the stack data structure; and if the retrieved security token value is identical to
the randomly generated data value, returning from the function using the return address stored on
the stack data structure. As previously noted, an advantage associated with such a method is that
when alteration of the security token value is detected, execution can be aborted and the system
stack reinitialized to ensure the integrity of the data on the stack.

To establish a prima facie case of obviousness, three basic criteria must be met: 1)
suggestion or motivation, either in the references themselves or in the knowledge generally
available to one of ordinary skill in the art, to modify the reference or to combine teachings; 2) a
reasonable expectation of success; and 3) the references, when combined, must teach or suggest
all the claim limitations. In re Vaeck, 20 USPQ2d 1438 (Fed. Cir. 1991); MPEP § 2143 et
seq. It is respectfully suggested that the rejection fails to establish a prima facie case of
obviousness because there is no motivation to combine Moudgill and Nishikawa for at least the 
following reasons. 

Moudgill discloses a method for preventing buffer overflow in a memory stack by a 
malicious attacker who is attempting to break security and obtain privileged access to a system. 
See, e.g., Moudgill, col. 3, l. 50 - col. 4, l. 3; and col. 4, l. 36 - col. 5, l. 9.

In contrast, Nishikawa discloses a semiconductor integrated circuit having two shift
registers which store randomly-generated numbers and a comparator that compares the numbers
stored in the shift registers. Nishikawa, col. 3, l. 43 - col. 4, l. 3. Comparison of the
randomly-generated numbers is conducted during initial inspection so that malfunctioning integrated
circuits can be detected. See, for example, Nishikawa, col. [illegible].

Motivation to combine references cannot be found in situations in which the problem
addressed by each reference differs. See MPEP § 2143.01. One skilled in the art would not be
motivated to combine Moudgill and Nishikawa because the nature of the problems addressed
by Moudgill and Nishikawa differ. Specifically, Moudgill discloses a method for preventing
malicious buffer overflow attacks, while Nishikawa discloses a semiconductor integrated circuit
having two shift registers which store randomly-generated numbers for initial inspection and
identification of malfunctions. Therefore, one skilled in the art would not be motivated to 
combine Moudgill's method for preventing malicious buffer overflow attacks with Nishikawa's 
semiconductor integrated circuit that utilizes randomly-generated numbers for inspection and 
identification of malfunctioning circuits. 

Further, references cannot be combined where a reference teaches away from the 
combination. MPEP § 2145(X)(D)(2). Moudgill criticizes and teaches away from overflow 
prevention systems that insert data (e.g., a "canary" word) in a stack to detect overflow 
conditions: 

Yet another approach is one in which the compiler puts a 
"canary" word just before the procedure return pointer on the 
stack. A canary word is simply a word containing a special 
pattern. Prior to returning from a routine, the code determines if 
the word has been overwritten. If so, it is determined that there has 
been a buffer overrun. Apart from requiring recompilation, this 
technique also suffers from the problem that it can be defeated by, 
e.g., guessing the canary word. 

Moudgill, col. 4, ll. 19-27. The rejection states that Moudgill recognizes the problem associated
with a canary word including a special pattern. However, Moudgill does not disclose or suggest 
how to solve this problem, but instead teaches away from inclusion of a canary word (formed of 
a special pattern or otherwise) and instead teaches use of a "bounds checking procedure." 

Therefore, one skilled in the art would not be motivated to modify the method disclosed 
by Moudgill to insert a randomly-generated number as disclosed by Nishikawa because Moudgill 
teaches away from such a configuration. 

Reconsideration and allowance of claim 1, as well as claims 2-6 that depend therefrom, 
are respectfully requested for at least these reasons. 

Claim 7 recites an apparatus for preventing overrun of an input data buffer. Claim 7
recites, among other limitations, a push security token module placing onto the stack data
structure a security token, the security token comprising a randomly generated data value, and a
test module comparing the retrieved security token with the randomly generated data value.
Therefore, claim 7, as well as claims 8-12 that depend therefrom, is allowable for at least
reasons similar to those provided above with respect to claim 1. Reconsideration and allowance
are requested.

Claim 13 is directed to a computer program product readable by a computing system and 
encoding a set of computer instructions implementing a method for preventing overrun of an 
input data buffer. Claim 13 recites, among other limitations, pushing onto the stack data 
structure a security token, the security token comprising a randomly generated data value, and 
retrieving the security token value from the stack data structure. Therefore, claim 13, as well as
claims 14-19 that depend therefrom, is allowable for at least reasons similar to those provided
above with respect to claim 1. Reconsideration and allowance are requested.

Claim 20 is rejected under section 103(a) as being unpatentable over Moudgill and
Nishikawa in view of Williams, U.S. Patent No. 6,519,702. This rejection is respectfully
traversed, and the correctness of the rejection is not conceded. However, claim 20 depends from
claim 13. Williams does not remedy the shortcomings of Moudgill and Nishikawa noted above.
Therefore, claim 20 is allowable for at least the same reasons as those provided above with
respect to claim 13. Reconsideration and allowance are respectfully requested.

The remarks set forth above provide certain arguments in support of the patentability of 
the pending claims. There may be other reasons that the pending claims are patentably distinct 
over the cited references, and the right to raise any such other reasons or arguments in the future 
is expressly reserved. 

Favorable reconsideration in the form of a Notice of Allowance is requested.
The Examiner is encouraged to contact the undersigned attorney with any questions
regarding this application.



Date: February 17



Respectfully submitted, 
MERCHANT & GOULD P.C. 
P.O. Box 2903 

Minneapolis, Minnesota 55402-0903
(612) 332-5300 



Name: Robert A. Kalinsky

Reg. No.: 50,471

RAK 